Employee behaviours threaten govt cybersecurity

A study into highly regulated high-risk industries, including government, education, healthcare and finance, presents a look at the tradeoffs between security and employee experience.

The Endpoint Ecosystem report, derived from a national research study conducted by Mobile Mentor, examines how employees in both the United States and Australia perceive privacy, productivity and personal wellbeing in the modern workplace. It defines the Endpoint Ecosystem as all devices, applications and tools plus the employee’s experience using that technology.

According to the data, 44% of government employees use work devices for personal use and 60% use personal devices for work use, suggesting that government agencies not only have a BYO device issue, but lack adequate password security and have a significant shadow IT problem.

The study highlights the following findings specific to government workers:

• Government employees have a password problem. 73% use the same password for multiple applications. 21% of government employees write their work passwords in a personal journal, 11% admit to storing their passwords in notes on their phone, and 17% keep work passwords in Excel or Word on a PC. 72% admit to choosing passwords that are easy to remember.
• Government has a shadow IT problem. More than 39% of employees say security policies restrict the way they work and 32% admit to finding ways to work around security policies. 45% of workers believe they are more efficient using non-work apps like Dropbox and Gmail.
• Government workers are largely aware of the gravity of a data breach which suggests workers are receptive to elevated security training. 55% of government workers believe they will get fired for a data breach while 59% believe their executives should be fired for a privacy breach. 31% know someone who exposed their employer to a data breach.
   

Security on BYO devices is a major vulnerability. 64% of government workers are using personal laptops and 89% are using personal smartphones in a typical work week. However, only 25% of government employees are enabled to securely access systems, data and applications on their personal devices.

The line between work and personal devices is blurred. 44% of government workers use work devices for personal use, and 60% use personal devices for work. 24% of government workers allow their family members to use their work devices for personal usage.

Study methodology

In late 2021, enterprise mobility company Mobile Mentor commissioned The Center for Generational Kinetics to field the study of 1500 employees across the healthcare, finance, education and government industry sectors. Employees were located in the United States (1000 participants) and Australia (500 participants). Each interview consisted of 25 questions to understand how employees are using devices in a post-pandemic world. The goal of the study is to gather data to educate and inform employers how devices in their industries are being used, how to prevent security breaches and how to best support productive employees.

To download the complete report, visit www.endpointecosystem.com.

Image credit: ©stock.adobe.com/au/jamdesign